Tech Tips and Tricks & Advice – written in plain English.

Botnets hurt Rockies, and poison .pdf’s (updated)

You have to feel sorry for the Colorado Rockies, even if you’re not a fan. After a miraculous run of victories swept them into the World Series, the Red Sox slammed them 13-1 in Game One (ouch!). To add insult to injury, their online ticket sales website crashed (after only 500 tickets were sold) on Monday, which they believe was the result of a cyber-attack, namely a DoS attack launched from a botnet.
“Our website, and ultimately our fans and our organization, were the victim of an external, malicious attack that shut down the system and kept our fans from being able to purchase their World Series tickets,” Keli McGregor, team president, said Monday in a news release.

Very early in the history of Tech–for Everyone I wrote two articles which discuss botnets and how your computer could be a zombie without your knowing it — and a couple of steps you can take to prevent a hacker from using your machine to mail out spam, or launch attacks.

The first I titled “Some basic security pointers #1”, which I always think of by its opening sentence, “is your computer a zombie?”. In it I discuss User Account passwords, what makes a good password, and the hidden Windows Administrator account, and provide a link to a tool that tests the effectiveness of your firewall. (Click the links to view the articles.)

The second article was titled “The FBI and Operation: Bot Roast” which opens by asking the question, “is your computer a threat to national security?” In this article I discussed malware, such as rootkits and trojan horses, and how hackers use these to take control of your machine, and use it for their own, nefarious, purposes. I explained what a botnet is, and I provided a link to the pages on my business website where I list several dozen links to the best free antivirus and anti-spyware tools.

Tip of the day: Read these important articles and get educated about hackers and their evil programs, and then download the tools, and take the preventative steps, and thwart these Evil Doers. It is a fact that your machine can be used to interfere with our economic system and way of living.

Tip of the day #2: Do not open any PDFs you receive via email for a while. (Loyal friends and true will note that this is the first time I’ve posted two tips in one day.)
An exploit currently making the rounds uses a trojan horse embedded in a poisoned .pdf attachment to download malware onto your machine. The exploit uses a vulnerability in code found in IE 7 on Windows XP. Microsoft is aware of this, but has yet to release a patch (through Windows Update).
If you aren’t sure what an “exploit” is, I discussed it in an article titled “These folks had a very bad day”, which discusses exploits and vulnerabilities and how this is the Number One hacker technique for gaining control of your machine. In it I demonstrate how to configure your firewall and Update settings, and provide a link to a website which will scan your machine for unpatched vulnerabilities and help you get updated and protected.

[update 10/30: From Secure Computing: “Ken Dunham, director of global response for iSight Partners, told SCMagazineUS.com today that one of his source’s honeypots received the infected email once every 10 seconds. This indicates “a fairly heavy spamming taking place,” especially for home users in advance of the weekend, he said.

The shadowy Russian internet service provider, Russian Business Network (RBN), is behind the attacks, which attempt to infect users with two rootkits that seek to steal personal and financial information from compromised PCs, Dunham said.

“You have what looks like a PDF attachment,” he said. “It’s actually exploit code designed to download code from a remote server.”

Adobe patched the bug Monday, so those who upgraded to Adobe Reader 8.1.1 and Acrobat 8.1.1 are safe.”]

Today’s free link: By clicking the links to the three articles posted above, and scrolling down to this section of the posts, you will find links to 50+ highly rated free security tools. Please, take advantage of them!

• About Tech Paul

I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.

I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.

Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
